11246032

Device Provisioning and Authentication

Published: February 8, 2022
Assignee: not available in USPTO data we have
Technical Abstract

Patent Claims
27 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1. A method performed by a device in a vehicle, the method comprising: determining, using at least one processor, whether one or more valid security credentials are available in a storage communicatively coupled to the device upon powering up the device; in response to determining that one or more valid security credentials are not available, establishing, using a transceiver and the at least one processor, a communication session with a network server that is configured to manage provisioning of devices corresponding to an enterprise associated with the vehicle, wherein establishing the communication session includes authenticating, using the at least one processor, the network server by using an enterprise security certificate of the enterprise that is available to the device; upon establishing the communication session with the network server, receiving, from the network server using the at least one processor, instructions to generate cryptographic keys; in response to receiving the instructions, generating, using the at least one processor, a key pair comprising a public key and a corresponding private key; storing, using the at least one processor, the private key in the storage communicatively coupled to the device; sending, to the network server using the at least one processor, a certificate signing request that includes the public key and an identifier of the device; receiving, from the network server using the at least one processor, at least one of a device security certificate corresponding to the public key, or a security certificate of a signing certificate authority that signed the device security certificate, wherein the signing certificate authority is associated with the enterprise; authenticating, using the at least one processor, the security certificate of the signing certificate authority using the enterprise security certificate available to the device; and upon successfully authenticating the security certificate of the signing certificate authority, storing, using the at least one processor, at least one of the device security certificate or the security certificate of the signing certificate authority in the storage communicatively coupled to the device.

2. The method of claim 1, wherein provisioning a particular device in the vehicle comprises providing the particular device with at least one cryptographic key or security certificate, wherein the particular device is configured to perform authenticated communication with at least one other entity associated with the enterprise using the at least one cryptographic key or security certificate.

3. The method of claim 1, further comprising: receiving, using the network server, the certificate signing request from the device; determining, using the network server, whether the certificate signing request is a valid request; in response to determining that the certificate signing request is a valid request, sending, using the network server, the certificate signing request to the signing certificate authority; receiving, using the network server from the signing certificate authority, at least one of the device security certificate, or the security certificate of the signing certificate authority; storing, using the network server, the device security certificate in storage coupled to the network server; and sending, using the network server to the device, at least one of the device security certificate, or the security certificate of the signing certificate authority.

4. The method of claim 3, wherein determining whether the certificate signing request is a valid request comprises: obtaining the identifier of the device from the certificate signing request; determining, using the identifier, whether the device is registered with the enterprise as an active device; upon determining that the device is registered with the enterprise as an active device, determining whether an existing device security certificate is available to the network server; and upon determining that an existing device security certificate is not available to the network server, determining that the certificate signing request is a valid request.

5. The method of claim 4, further comprising: determining that the certificate signing request is not a valid request upon determining that the device is not registered with the enterprise as an active device; and in response to determining that the device is not registered with the enterprise as an active device: generating an audit log entry, and terminating the communication session with the device.

6. The method of claim 4, further comprising: determining that the certificate signing request is not a valid request upon determining that an existing device security certificate is available to the network server; and in response to determining that an existing device security certificate is available to the network server: revoking the existing device security certificate, generating an audit log entry, and terminating the communication session with the device.

7. The method of claim 1, further comprising: receiving, from a management service corresponding to the enterprise, a connection request; authenticating the management service using the enterprise security certificate of the enterprise; upon successfully authenticating the management service, establishing the connection with the management service; receiving, from the management service, instructions to deprovision the device; and in response to receiving the instructions to deprovision the device: deleting, from the storage communicatively coupled to the device, at least one of the device security certificate or the security certificate of the signing certificate authority, and rebooting the device.

8. The method of claim 7, further comprising: receiving, using the signing certificate authority from the management service, instructions to deprovision the device, the instructions including the identifier of the device; and in response to receiving the instructions to deprovision the device, revoking, by the signing certificate authority, the device security certificate.

9. The method of claim 8, further comprising: receiving, using the network server from the management service, instructions to deprovision the device, the instructions including the identifier of the device and revocation information for the device security certificate; in response to receiving the instructions to deprovision the device, determining, by the network server using the identifier of the device obtained from the instructions, the device security certificate from storage coupled to the network server; and deleting, using the network server, the device security certificate from the storage coupled to the network server.

10. The method of claim 1, further comprising: receiving, using the network server from a management service corresponding to the enterprise, instructions to decommission the device, the instructions including the identifier of the device and revocation information for the device security certificate; in response to receiving the instructions to decommission the device, determining, by the network server using the identifier of the device obtained from the instructions, the device security certificate from storage coupled to the network server; deleting, using the network server, the device security certificate from the storage coupled to the network server; and recording, using the network server, the identifier of the device as corresponding to a decommissioned device.

11. The method of claim 1, further comprising: receiving, from a management service corresponding to the enterprise, a connection request; authenticating the management service using the enterprise security certificate of the enterprise; upon successfully authenticating the management service, establishing the connection with the management service; receiving, from the management service, instructions to update a configuration of the device; and in response to receiving the instructions to update a configuration of the device, performing a configuration update operation, the configuration update operation comprising one of reconfiguring the device, or updating a firmware on the device.

12. The method of claim 11, wherein authenticating the management service comprises performing a mutual authentication between the device and the management service using one of Transport Layer Security (TLS) or Needham-Schroeder protocol.

13. A system comprising: a device in a vehicle, the device comprising: at least one processor; and storage media storing instructions that, when executed, cause the at least one processor to perform operations comprising: determining whether one or more valid security credentials are available in a storage communicatively coupled to the device upon powering up the device; in response to determining that one or more valid security credentials are not available, establishing, using a transceiver, a communication session with a network server that is configured to manage provisioning of devices corresponding to an enterprise associated with the vehicle, wherein establishing the communication session includes authenticating, using the processor, the network server by using an enterprise security certificate of the enterprise that is available to the device; upon establishing the communication session with the network server, receiving, from the network server, instructions to generate cryptographic keys; in response to receiving the instructions, generating, using the processor, a key pair comprising a public key and a corresponding private key; storing the private key in the storage communicatively coupled to the device; sending, to the network server, a certificate signing request that includes the public key and an identifier of the device; receiving, from the network server, at least one of a device security certificate corresponding to the public key, or a security certificate of a signing certificate authority that signed the device security certificate, wherein the signing certificate authority is associated with the enterprise; authenticating, using the processor, the security certificate of the signing certificate authority using the enterprise security certificate available to the device; and upon successfully authenticating the security certificate of the signing certificate authority, storing at least one of the device security certificate or the security certificate of the signing certificate authority in the storage communicatively coupled to the device.

14. The system of claim 13, wherein provisioning a particular device in the vehicle comprises providing the particular device with at least one cryptographic key or security certificate, wherein the particular device is configured to perform authenticated communication with at least one other entity associated with the enterprise using the at least one cryptographic key or security certificate.

15. The system of claim 13, further comprising: the network server, wherein the network server comprises: one or more server processors; and storage media storing instructions that, when executed, cause the one or more server processors to perform operations comprising: receiving the certificate signing request from the device; determining whether the certificate signing request is a valid request; in response to determining that the certificate signing request is a valid request, sending the certificate signing request to the signing certificate authority; receiving, from the signing certificate authority, at least one of the device security certificate, or the security certificate of the signing certificate authority; storing the device security certificate in storage coupled to the network server; and sending, to the device, at least one of the device security certificate, or the security certificate of the signing certificate authority.

16. The system of claim 15, wherein determining whether the certificate signing request is a valid request comprises: obtaining the identifier of the device from the certificate signing request; determining, using the identifier, whether the device is registered with the enterprise as an active device; upon determining that the device is registered with the enterprise as an active device, determining whether an existing device security certificate is available to the network server; and upon determining that an existing device security certificate is not available to the network server, determining that the certificate signing request is a valid request.

17. The system of claim 16, wherein the operations performed by the one or more server processors further comprise: determining that the certificate signing request is not a valid request upon determining that the device is not registered with the enterprise as an active device; and in response to determining that the device is not registered with the enterprise as an active device: generating an audit log entry, and terminating the communication session with the device.

18. The system of claim 16, wherein the operations performed by the one or more server processors further comprise: determining that the certificate signing request is not a valid request upon determining that an existing device security certificate is available to the network server; and in response to determining that an existing device security certificate is available to the network server: revoking the existing device security certificate, generating an audit log entry, and terminating the communication session with the device.

19. The system of claim 13, wherein the operations performed by the one or more device processors further comprise: receiving, from a management service corresponding to the enterprise, a connection request; authenticating the management service using the enterprise security certificate of the enterprise; upon successfully authenticating the management service, establishing the connection with the management service; receiving, from the management service, instructions to deprovision the device; and in response to receiving the instructions to deprovision the device: deleting, from the storage communicatively coupled to the device, at least one of the device security certificate or the security certificate of the signing certificate authority, and rebooting the device.

20. The system of claim 19, further comprising: the signing certificate authority, wherein the signing certificate authority comprises: one or more certificate authority processors; and storage media storing instructions that, when executed, cause the one or more certificate authority processors to perform operations comprising: receiving, from the management service, instructions to deprovision the device, the instructions including the identifier of the device; and in response to receiving the instructions to deprovision the device, revoking the device security certificate.

21. The system of claim 20, wherein the operations performed by the one or more server processors further comprise: receiving, from the management service, instructions to deprovision the device, the instructions including the identifier of the device and revocation information for the device security certificate; in response to receiving the instructions to deprovision the device, determining, using the identifier of the device obtained from the instructions, the device security certificate from storage coupled to the network server; and deleting the device security certificate from the storage coupled to the network server.

22. The system of claim 13, further comprising: the network server, wherein the network server comprises: one or more server processors; and storage media storing instructions that, when executed, cause the one or more server processors to perform operations comprising: receiving, from a management service corresponding to the enterprise, instructions to decommission the device, the instructions including the identifier of the device and revocation information for the device security certificate; in response to receiving the instructions to decommission the device, determining, using the identifier of the device obtained from the instructions, the device security certificate from storage coupled to the network server; deleting the device security certificate from the storage coupled to the network server; and recording the identifier of the device as corresponding to a decommissioned device.

23. The system of claim 13, wherein the operations further comprise: receiving, from a management service corresponding to the enterprise, a connection request; authenticating the management service using the enterprise security certificate of the enterprise; upon successfully authenticating the management service, establishing the connection with the management service; receiving, from the management service, instructions to update a configuration of the device; and in response to receiving the instructions to update a configuration of the device, performing a configuration update operation, the configuration update operation comprising one of reconfiguring the device, or updating a firmware on the device.

24. The system of claim 23, wherein authenticating the management service comprises performing a mutual authentication between the device and the management service using one of Transport Layer Security (TLS) or Needham-Schroeder protocol.

25. The system of claim 13, wherein the storage communicatively coupled to the device comprises one or more of a trusted platform module (TPM), or a hardware security module (HSM).

26. The system of claim 13, wherein at least one of the device security certificate or the security certificate of the signing certificate authority comprises a X.509 certificate.

27. A vehicle comprising: a device comprising circuitry to execute one or more instructions that, when executed, cause the device to perform operations comprising: determining, using a processor, whether one or more valid security credentials are available in a storage communicatively coupled to the device upon powering up the device; in response to determining that one or more valid security credentials are not available, establishing, using a transceiver, a communication session with a network server that is configured to manage provisioning of devices corresponding to an enterprise associated with the vehicle, wherein establishing the communication session includes authenticating, using the processor, the network server by using an enterprise security certificate of the enterprise that is available to the device, and wherein provisioning a particular device in the vehicle refers to providing the particular device with at least one cryptographic key or security certificate, wherein the particular device performs authenticated communication with at least one other entity associated with the enterprise using the at least one cryptographic key or security certificate; upon establishing the communication session with the network server, receiving, from the network server, instructions to generate cryptographic keys; in response to receiving the instructions, generating, using the processor, a key pair comprising a public key and a corresponding private key; storing the private key in the storage communicatively coupled to the device; sending, to the network server, a certificate signing request that includes the public key and an identifier of the device; receiving, from the network server, at least one of a device security certificate corresponding to the public key, or a security certificate of a signing certificate authority that signed the device security certificate, wherein the signing certificate authority is associated with the enterprise; authenticating, using the processor, the security certificate of the signing certificate authority using the enterprise security certificate available to the device; and upon successfully authenticating the security certificate of the signing certificate authority, storing at least one of the device security certificate or the security certificate of the signing certificate authority in the storage communicatively coupled to the device.
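
The network server's validity check recited in claims 4 to 6 (mirrored in claims 16 to 18), together with the decommissioning record of claim 10, can be modelled as a small state machine. The following is an added illustration, not part of the patent text or of any implementation by the inventors; the class, field and device names are hypothetical, the signing certificate authority is stubbed as a serial counter, and the sample requests are constructed.

```python
from dataclasses import dataclass, field
from enum import Enum


class Outcome(Enum):
    FORWARDED_TO_CA = "forwarded_to_ca"          # claims 3-4: valid request
    REJECTED_NOT_ACTIVE = "rejected_not_active"  # claim 5
    REJECTED_DUPLICATE = "rejected_duplicate"    # claim 6


@dataclass
class ProvisioningServer:
    """Hypothetical in-memory model of the network server's state."""
    active_devices: set = field(default_factory=set)   # registered as active
    decommissioned: set = field(default_factory=set)   # claim 10 record
    issued_certs: dict = field(default_factory=dict)   # device id -> serial
    revoked_serials: set = field(default_factory=set)
    audit_log: list = field(default_factory=list)
    next_serial: int = 1000                            # stand-in for the CA

    def handle_csr(self, csr):
        """Apply the validity check of claims 4-6 to one CSR."""
        device_id = csr["device_id"]  # identifier carried in the CSR
        # Assumption: a decommissioned identifier no longer counts as active.
        if device_id not in self.active_devices or device_id in self.decommissioned:
            # Claim 5: audit log entry, then the session is terminated.
            self.audit_log.append((device_id, "csr_rejected_not_active"))
            return Outcome.REJECTED_NOT_ACTIVE
        if device_id in self.issued_certs:
            # Claim 6: revoke the existing certificate, audit, terminate.
            # Dropping the stored copy as well is an assumption of this
            # model; the claim only recites revoking.
            self.revoked_serials.add(self.issued_certs.pop(device_id))
            self.audit_log.append((device_id, "existing_cert_revoked"))
            return Outcome.REJECTED_DUPLICATE
        # Claim 3: valid request, forwarded to the CA; certificate is stored.
        self.issued_certs[device_id] = self.next_serial
        self.next_serial += 1
        self.audit_log.append((device_id, "cert_issued"))
        return Outcome.FORWARDED_TO_CA

    def decommission(self, device_id):
        """Claim 10: delete the stored certificate, record the identifier."""
        self.issued_certs.pop(device_id, None)
        self.decommissioned.add(device_id)


def demo():
    """Run constructed CSRs through the server and return its decisions."""
    server = ProvisioningServer(active_devices={"TCU-0001", "TCU-0002"})
    first = {"device_id": "TCU-0001", "public_key": "constructed-placeholder"}
    second = {"device_id": "TCU-0002", "public_key": "constructed-placeholder"}
    unknown = {"device_id": "TCU-9999", "public_key": "constructed-placeholder"}
    results = [server.handle_csr(first),     # first request for an active device
               server.handle_csr(first),     # second request, same identifier
               server.handle_csr(unknown)]   # identifier never registered
    server.handle_csr(second)
    server.decommission("TCU-0002")
    results.append(server.handle_csr(second))  # request after decommissioning
    return server, results


if __name__ == "__main__":
    for outcome in demo()[1]:
        print(outcome.value)
```

A second request under an already-provisioned identifier does not merely fail: under claim 6 it also invalidates the certificate the device currently holds, so the audit entry is the only trace an operator has of why a working device lost its credential.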

Patent Metadata

Filing Date: Unknown
Publication Date: February 8, 2022
Inventors: Michael Maass, Karl Robinson

Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “DEVICE PROVISIONING AND AUTHENTICATION” (11246032). https://patentable.app/patents/11246032
